Solved: Support for multiple inbound IP addresses

npowroz · ‎10-22-2021

My venerable NetGear router/firewall has died and I'm looking for a replacement. My ISP connection includes a /29 subnet, so I have over a dozen inbound IP addresses available to me. I need a router that will support that kind of configuration, obviously with NAT routing to any one of a dozen servers on my network. (This is actually the main development and support network for a software development company).

I've been looking at the RV3xx series, but the on-line documentation doesn't seem to explicitly say that they support what I need. Can anyone confirm if they'll do what I need?

Thanks

Norm

npowroz · ‎09-30-2024

It's been a bit, but I've been away on vacation, and tied up in other projects. I appreciate all the replies I received, but I finally decided to go in a slightly different direction, and have been quite pleased with my solution.

I bought a mini-sized standalone computer, not unlike an Intel NUC box. This one is based on a Core-i3/N305 CPU, and included 5*2.5GB Intel Ethernet ports. As a bit of futureproofing, I gave it 32GB of DDR5 memory and a 1TB NVME disc. I then installed the latest version of OPNSense and spent a few days getting used to it and getting it configured. I admit that I blew it away and started over a couple of times, until I got the hang of it. Its interface is quite a bit different from my old NetGear box, but also allows for a lot more detailed-level control over things, although making things a little more complex along the way.

In any event, it is handling all my traffic with aplomb, comes highly rated for security, has pretty decent documentation, and seems to be quite fast. I expect that it should be easily capable of moving up to fibre speeds when I finally decide to go that route and dump my DSL connection. So far, I am quite happy with my decision, and hope it will stay that way.

Cheers
Norm

View solution in original post

Georg Pauwen · ‎10-22-2021

Hello,

the RV3xx routers do not have a full CLI, what you need is the ability to configure a NAT pool such as this one:

ip nat pool ISP 212.12.32.1 212.12.32.6 netmask 255.255.255.248

For that you need a router that supports a full IOS. Have a look at the ISR900 series (datasheet linked below).

https://www.cisco.com/c/en/us/products/collateral/routers/900-series-integrated-services-routers-isr/datasheet-c78-741615.html

On a side note, a /29 subnet gives you 6 hosts.

npowroz · ‎10-23-2021

The /29 was a typo on my part that I missed. I actually have a /28 subnet, so I do have over a dozen potential addresses.

Norm

paul driver · ‎10-23-2021

Hello

FYI - the amount of available addressing you have has no relation to what rtr your choose

Your choice should be dependent on what services you require (vpn nat firewall qos etc) throughput and user usage and tbh meraki hardware for small to medium business are a good choice to review.

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

npowroz · ‎10-23-2021

Well, in a sense it does. For example, your typical small router can only handle a single inbound IP address, typically assigned by DHCP, so none of those are of any use to me. Being able to say "route this inbound IP to this local server" is vital, but the publicly viewable documentation for a lot of routers doesn't specifically say that, hence my question. We also don't need datacenter-level equipment, so we're not interested in spending thousands on the router.

Cheers

Norm

paul driver · ‎10-23-2021

Hello

Not sure where you get data centre models from i didn’t even suggest them - Most soho routers support nat nowadays and are not that expensive and i guess £500+ for a decent UTM device thats internet facing isn’t going to break a small business bank account

As i said review the meraki hardware they are good kit and you get a lot for your money.

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

npowroz · ‎10-23-2021

I appreciate your suggestion to look at the Meraki line, but after doing so I can't see anything that fits our needs for a reasonable cost. I haven't seen anything that doesn't include WiFi (which we don't need as we already have sufficient access points). It also looks like we will need to pay for licenses for Cisco software, and we have no interest in getting into that problem area. The cost of the Meraki line is also much higher than products from other vendors that we have been looking at. Those other products require no licensing, have no built-in WiFi, and seem to get regular firmware updates for free.

Thanks again for all your help. It has been very useful, but I think we will be looking at other vendors instead of Cisco.

Cheers

Norm

paul driver · ‎10-23-2021

Hello
No worries, totally understand regards the licencing it can be a minefield to traverse - You could also checkout the router selector - here to see if this provides you with any insight to what could accommodate your needs.

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

paul driver · ‎10-23-2021

Hello

Suggest you review Meraki mx It can accommodate small to large usage of users it’s cloud managed so its always available - Gui based so no tricky cli- supports multiple features NAT LTE -POE-WiFi -client.site-to-site VPN.stateful firewall content filtering etc….Here

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

npowroz · ‎09-30-2024

It's been a bit, but I've been away on vacation, and tied up in other projects. I appreciate all the replies I received, but I finally decided to go in a slightly different direction, and have been quite pleased with my solution.

I bought a mini-sized standalone computer, not unlike an Intel NUC box. This one is based on a Core-i3/N305 CPU, and included 5*2.5GB Intel Ethernet ports. As a bit of futureproofing, I gave it 32GB of DDR5 memory and a 1TB NVME disc. I then installed the latest version of OPNSense and spent a few days getting used to it and getting it configured. I admit that I blew it away and started over a couple of times, until I got the hang of it. Its interface is quite a bit different from my old NetGear box, but also allows for a lot more detailed-level control over things, although making things a little more complex along the way.

In any event, it is handling all my traffic with aplomb, comes highly rated for security, has pretty decent documentation, and seems to be quite fast. I expect that it should be easily capable of moving up to fibre speeds when I finally decide to go that route and dump my DSL connection. So far, I am quite happy with my decision, and hope it will stay that way.

Cheers
Norm